182.255.1.37
{
"scan_id": 1767781098,
"ip": "182.255.1.37",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "182.255.1.0/26",
"postal_code": "50249",
"coordinates": {
"latitude": "-7.2722",
"longitude": "110.4753"
},
"geo_point": "-7.2722, 110.4753",
"locale_code": "en",
"continent": "Asia",
"country_code": "ID",
"country_name": "Indonesia",
"city": "Semarang"
},
"location_updated_at": "2026-01-06T12:43:39Z",
"asn": {
"number": "AS46049",
"organization": "Universitas Diponegoro",
"country_code": "ID"
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "182.255.1.0/24",
"organization": "Route Object of Universitas Diponegoro",
"descr": "Route Object of Universitas Diponegoro,\nUniversity / Direct Member IDNIC,\nSemarang - Jawa Tengah",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T11:26:54Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2026-01-06T12:43:39Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2026-01-06T16:05:39Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2026-01-06T12:43:39Z"
}
],
"services": [
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Apache httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:apache:http_server",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<html>\r\n<head><title>415 Unsupported Media Type</title></head>\r\n<body>\r\n<center><h1>415 Unsupported Media Type</h1></center>\r\n<hr><center>openresty/1.27.1.1</center>\r\n</body>\r\n</html>\r\n",
"body_murmur": -2017145936,
"body_sha256": "93601d7d66a95d2f58e11ac07ec0e487e49934287305e27c3155a7c622a7feac",
"component": [
"OpenResty:1.27.1.1",
"Nginx"
],
"content_length": 185,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"185"
],
"content_type": [
"text/html"
],
"date": [
"Mon, 05 Jan 2026 02:45:32 GMT"
],
"server": [
"openresty/1.27.1.1"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "182.255.1.37",
"path": "",
"scheme": "http"
}
},
"status_code": 415,
"title": "415 Unsupported Media Type"
}
},
"cve": [
{
"id": "CVE-1999-0070",
"score": 5,
"severity": "medium"
},
{
"id": "CVE-1999-1199",
"score": 10,
"severity": "high"
},
{
"id": "CVE-2023-25690",
"score": 9.8,
"severity": "critical"
}
],
"url": "http://182.255.1.37/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-01-05T02:45:33.669Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Apache httpd",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:apache:http_server",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<html>\r\n<head><title>415 Unsupported Media Type</title></head>\r\n<body>\r\n<center><h1>415 Unsupported Media Type</h1></center>\r\n<hr><center>openresty/1.27.1.1</center>\r\n</body>\r\n</html>\r\n",
"body_murmur": -2017145936,
"body_sha256": "93601d7d66a95d2f58e11ac07ec0e487e49934287305e27c3155a7c622a7feac",
"component": [
"OpenResty:1.27.1.1",
"Nginx"
],
"content_length": 185,
"favicon": {
"md5_hash": "c27fa70654965bcad1e1e9c5fc70e451",
"murmur_hash": -1652753547,
"path": "https://182.255.1.37:443/favicon.ico",
"size": 2068
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"185"
],
"content_type": [
"text/html"
],
"date": [
"Sun, 04 Jan 2026 17:17:38 GMT"
],
"server": [
"openresty/1.27.1.1"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "182.255.1.37",
"path": "",
"scheme": "https"
}
},
"status_code": 415,
"title": "415 Unsupported Media Type"
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://r13.i.lencr.org/"
]
},
"authority_key_id": "e7ab9f0f2c33a053d35e4f78c8b2840e3bd69233",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"id": "2.23.140.1.2.1"
}
],
"crl_distribution_points": [
"http://r13.c.lencr.org/87.crl"
],
"ct_precert_scts": "Signed Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : 16:83:2D:AB:F0:A9:25:0F:0F:F0:3A:A5:45:FF:C8:BF:\n C8:23:D0:87:4B:F6:04:29:27:F8:E7:1F:33:13:F5:FA\n Timestamp : Dec 10 09:20:20.076 2025 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:45:02:21:00:87:55:D7:5C:59:E6:99:8C:0C:3F:2F:\n A3:4B:2B:84:9A:7E:E6:22:77:D7:0B:1B:36:69:CC:C7:\n 38:9A:53:27:79:02:20:3D:DA:C5:43:88:3C:6B:AB:09:\n E2:78:68:86:88:9C:FB:ED:D7:26:57:CB:00:5B:0E:60:\n 1F:3A:96:CC:5E:FB:13\nSigned Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : E3:23:8D:F2:8D:A2:88:E0:AA:E0:AC:F0:FA:90:C9:85:\n F0:B6:BF:F5:D2:A5:27:B0:01:FC:1C:44:58:C4:B6:E8\n Timestamp : Dec 10 09:20:20.524 2025 GMT\n Extensions: 00:00:05:00:2B:6F:2E:5D\n Signature : ecdsa-with-SHA256\n 30:44:02:20:20:47:8A:98:86:03:B7:65:A2:9D:72:FD:\n 81:DB:0D:61:FD:A3:0F:97:BB:94:BE:DD:98:CA:31:73:\n 90:77:16:44:02:20:53:A9:AB:4B:36:2C:66:D0:53:B3:\n 90:8D:AB:2C:0C:92:86:4B:A3:16:57:C8:AC:17:35:DD:\n C0:C6:BC:77:F6:D8",
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"agribisnis.fpp.undip.ac.id"
]
},
"subject_key_id": "d524898b0a48479836ce8dff909ab8e5097fc3d3"
},
"fingerprint_md5": "F88BDB85F47DCF1C1827D7E3FE28A0E7",
"fingerprint_sha1": "81DE959A7189300B98612B752DB1BFD484B851E9",
"fingerprint_sha256": "2F764B6882FBD0B0325494B30D67B6F00F85C09F00FEF1F74D18CDBB039FB2D8",
"issuer": {
"common_name": [
"R13"
],
"country": [
"US"
],
"organization": [
"Let's Encrypt"
]
},
"issuer_dn": "/C=US/O=Let's Encrypt/CN=R13",
"jarm": "21d19d00021d21d00042d43d00000091f9827a8676a9d9f27d421962a09b5d",
"redacted": false,
"revocation": {
"crl": {
"next_update": "2026-01-17T06:54:08",
"reason": "UNKNOWN",
"revoked": false
},
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "599345532407913286920811403873476780899670",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false,
"value": "MzMyZGEzMmFhMzNmOGEzZGVmNjBmNTk4NjU3ZjAwODY2ZTQ4ZmM2OGM3YjgzM2Q4M2I2NGQ5NDQxMGEyYWE0MDQxMzRlOTlhZmIwYzBkODc0ZWRlNDBjOTc1ZGYyMWJhNjdlZGVmMDdiZDE4MDE4NGNiOWMxNTMwMTFiMDllOWJmMWQxMTRiMDU1MTIzMjliZjA2MDRjYzRlZmZhMGRlYTU5ODRkOTQwN2NlMWQwNDFkM2IyOWI1Y2NjYjI1ZDZhZmIyMWM2NTQwM2I1M2IyMGM1MjJjMWNhMWExNjFiNWIxYjJiN2E1M2IzNjQxMzFjOGEwZWQ5MjVhMTE0YTMyYTY2N2ViNDQ3YzI0MmFmMDMxNDNmNzMwZjAzYTcwMzE1YzQ4MzhjNzg2Njg5Nzc3ZGZjODEwODgzZmQzNTcwOGQ5NjZmYjM1ZDJiMGE5NjIzZTEyMTg5YzIxNmM0MWVhNGQ2OGFlMjBlZDk5MzM0MGY3NjhmYWRmYjdlMDcwOTVjN2M4MjBkMjUxYjIyMTU3NDBjMzQ1ZmE3MTY0MDlhMWNjZjY5MmNiNWY5MzAxYWFlZGRjY2I0MWM0YTk4OTVlNDc4ZDU1N2EwZjlmZDQwMzEzYjcyMzI4ZjczNjNiNDFiY2FmMjc4N2ViMTQ0N2EwZDU1ZDIxMzRhZWQwMGU5NmI="
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "16832dabf0a9250f0ff03aa545ffc8bfc823d0874bf6042927f8e71f3313f5fa",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "30450221008755d75c59e6998c0c3f2fa34b2b849a7ee62277d70b1b3669ccc7389a53277902203ddac543883c6bab09e2786886889cfbedd72657cb005b0e601f3a96cc5efb13"
},
"timestamp": "2025-12-10T09:20:20.076000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "e3238df28da288e0aae0acf0fa90c985f0b6bff5d2a527b001fc1c4458c4b6e8",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3044022020478a988603b765a29d72fd81db0d61fda30f97bb94bedd98ca317390771644022053a9ab4b362c66d053b3908dab2c0c92864ba31657c8ac1735ddc0c6bc77f6d8"
},
"timestamp": "2025-12-10T09:20:20.524000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"agribisnis.fpp.undip.ac.id"
]
},
"subject_alt_name": {
"dns_names": [
"agribisnis.fpp.undip.ac.id"
],
"extended_dns_names": [
{
"domain": "undip",
"fld": "undip.ac.id",
"subdomain": "agribisnis.fpp",
"tld": "ac.id"
}
]
},
"subject_dn": "/CN=agribisnis.fpp.undip.ac.id",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "10379ef01289e14f0b17a03c8b00261b013c5c863cf81a1e98b70d28bc6db0a1",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048,
"modulus": "MHhlMGQ4NDVmM2EwMzQ1Y2NiYjE2NDhkMGRlZmRiYmRlM2ZhZGY4NDcwNWQwNTY5MzBjODRlYWFlN2E3MTA2NDRjN2JhMzA0OGZiZGE5Nzk3ZDAyZDViZjVmYzA2ZWQ3MGViMzYxZTIyYTFjZmIzMGUwMjIxYjI4YWEwMGFjOTk0MjY1ZTA3YjU1YjdkMzlmMTEwZDAyYjQ1NTAxM2E0MzY3MTkxMDRmMDFlMWIzYzBjZGU1M2YxNTY3NDVkNmRjNjQ0NTU4Y2ZmODdhZDJkY2IyMDc0NzljNWY5MmViY2M2Y2QxNmUwNjg0MTE5NGE5NjNiM2FiMDY2YTliY2IyNGEwZTkwODg2NDY1MDM4Njg5YmY2OWFhYTU3MGU2YTkzN2U4ZWQyNzJmNzhjZTk4M2I3NjgxMDg3ZTg5ZjIyYjRiNTZkM2ExNTMyZjMxYWVlMTk0NGJmZTk3NGVlYzcyMjU1ZDk2Y2JkYjllNGQ3ZDA4YzRhNTQ1ZDI0MDZlYTg0MjYzNWY4YTJiNDljMzljNTYwODg2NTI5OWJhM2ZmNWUzNWU4ZTJlMjk4Mzc2Nzg2OWE1NGU5MDUwMjQ2NTAyZjRkN2E3OTM5NzBhODVmNDM5MTk5ZjgxYjYyYjU2MmMwZmE0NDcwNDMyZjVjYmFjYzIzZDBmMTcxM2FlYzhiMjBkZg=="
}
},
"tbs_fingerprint": "f5f1b656eb8e2a1e382b6978d1d97717835f4db38feb648598c588c847dccf67",
"tbs_noct_fingerprint": "28bca05fc50c10081b272f0cabb9d3db98d498eb18bfc2f07601abee5632156d",
"validation_level": "DV",
"validity": {
"length_seconds": 7775999,
"not_after": "2026-03-10T08:21:48",
"not_before": "2025-12-10T08:21:49"
},
"version": 2
},
"fingerprint_sha256": "2F764B6882FBD0B0325494B30D67B6F00F85C09F00FEF1F74D18CDBB039FB2D8",
"precert": false,
"raw": "MIIFFzCCA/+gAwIBAgISBuFRdso3nKSM2h2mn/nshj1WMA0GCSqGSIb3DQEBCwUAMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQDEwNSMTMwHhcNMjUxMjEwMDgyMTQ5WhcNMjYwMzEwMDgyMTQ4WjAlMSMwIQYDVQQDExphZ3JpYmlzbmlzLmZwcC51bmRpcC5hYy5pZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAODYRfOgNFzLsWSNDe/bveP634RwXQVpMMhOquenEGRMe6MEj72peX0C1b9fwG7XDrNh4ioc+zDgIhsoqgCsmUJl4HtVt9OfEQ0CtFUBOkNnGRBPAeGzwM3lPxVnRdbcZEVYz/h60tyyB0ecX5LrzGzRbgaEEZSpY7OrBmqbyySg6QiGRlA4aJv2mqpXDmqTfo7ScveM6YO3aBCH6J8itLVtOhUy8xruGUS/6XTuxyJV2Wy9ueTX0IxKVF0kBuqEJjX4orScOcVgiGUpm6P/XjXo4uKYN2eGmlTpBQJGUC9Nenk5cKhfQ5GZ+BtitWLA+kRwQy9cuswj0PFxOuyLIN8CAwEAAaOCAjEwggItMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU1SSJiwpIR5g2zo3/kJq45Ql/w9MwHwYDVR0jBBgwFoAU56ufDywzoFPTXk94yLKEDjvWkjMwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8vcjEzLmkubGVuY3Iub3JnLzAlBgNVHREEHjAcghphZ3JpYmlzbmlzLmZwcC51bmRpcC5hYy5pZDATBgNVHSAEDDAKMAgGBmeBDAECATAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vcjEzLmMubGVuY3Iub3JnLzg3LmNybDCCAQsGCisGAQQB1nkCBAIEgfwEgfkA9wB2ABaDLavwqSUPD/A6pUX/yL/II9CHS/YEKSf45x8zE/X6AAABmwePwGwAAAQDAEcwRQIhAIdV11xZ5pmMDD8vo0srhJp+5iJ31wsbNmnMxziaUyd5AiA92sVDiDxrqwnieGiGiJz77dcmV8sAWw5gHzqWzF77EwB9AOMjjfKNoojgquCs8PqQyYXwtr/10qUnsAH8HERYxLboAAABmwePwiwACAAABQArby5dBAMARjBEAiAgR4qYhgO3ZaKdcv2B2w1h/aMPl7uUvt2YyjFzkHcWRAIgU6mrSzYsZtBTs5CNqywMkoZLoxZXyKwXNd3Axrx39tgwDQYJKoZIhvcNAQELBQADggEBADMtoyqjP4o972D1mGV/AIZuSPxox7gz2Dtk2UQQoqpAQTTpmvsMDYdO3kDJdd8humft7we9GAGEy5wVMBGwnpvx0RSwVRIym/BgTMTv+g3qWYTZQHzh0EHTsptczLJdavshxlQDtTsgxSLByhoWG1sbK3pTs2QTHIoO2SWhFKMqZn60R8JCrwMUP3MPA6cDFcSDjHhmiXd9/IEIg/01cI2Wb7NdKwqWI+EhicIWxB6k1oriDtmTNA92j637fgcJXHyCDSUbIhV0DDRfpxZAmhzPaSy1+TAart3MtBxKmJXkeNVXoPn9QDE7cjKPc2O0G8ryeH6xRHoNVdITSu0A6Ws=",
"tags": [
"dv",
"trusted"
]
}
},
"cve": [
{
"id": "CVE-1999-0070",
"score": 5,
"severity": "medium"
},
{
"id": "CVE-1999-1199",
"score": 10,
"severity": "high"
},
{
"id": "CVE-2023-25690",
"score": 9.8,
"severity": "critical"
}
],
"url": "https://182.255.1.37/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-01-08T07:16:33.586Z"
}
],
"services_hash": "81fd4879b3c2a450c0e97adb3242e0bbc0715293fd117cbcf22fce194b23d88b",
"last_updated_at": "2026-01-08T07:16:33.586Z",
"banner": [
"http",
"tls"
],
"is_vuln": true,
"cveDetails": {
"CVE-1999-0070": {
"id": "CVE-1999-0070",
"references": [
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E"
],
"score": 5,
"services": [
"443/http"
],
"severity": "medium",
"summary": "test-cgi program allows an attacker to list files on the server.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-1999-1199": {
"id": "CVE-1999-1199",
"references": [
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 10,
"services": [
"443/http"
],
"severity": "high",
"summary": "Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the \"sioux\" vulnerability.",
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-2023-25690": {
"id": "CVE-2023-25690",
"references": [
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01",
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 9.8,
"services": [
"443/http"
],
"severity": "critical",
"summary": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2023-27522": {
"id": "CVE-2023-27522",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 7.5,
"services": [
"443/http"
],
"severity": "high",
"summary": "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.nnSpecial characters in the origin response header can truncate/split the response forwarded to the client.nnn",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-444"
}
}
}